3308 matches found
USN-7824-1 redis vulnerability
Benny Isaacs, Nir Brakha, and Sagi Tzadik discovered that Redis incorrectly handled memory when running Lua scripts. An authenticated attacker could use this vulnerability to trigger a use-after-free condition, and potentially achieve remote code execution on the Redis server...
CVE-2018-25117
VestaCP commit a3f0fa1 2018-05-31 up to commit ee03eff 2018-06-13 contain embedded malicious code that resulted in a supply-chain compromise. New installations created from the compromised installer since at least May 2018 were subject to installation of Linux/ChachaDDoS, a multi-stage DDoS bot...
EUVD-2018-21604
VestaCP commit a3f0fa1 2018-05-31 up to commit ee03eff 2018-06-13 contain embedded malicious code that resulted in a supply-chain compromise. New installations created from the compromised installer since at least May 2018 were subject to installation of Linux/ChachaDDoS, a multi-stage DDoS bot...
CVE-2018-25117
CVE-2018-25117 concerns VestaCP Debian Installer maldocs. From 2018-05-31 to 2018-06-13, the installer was tainted with embedded malicious code causing a supply-chain compromise. New installations from compromised installers since May 2018 installed Linux/ChachaDDoS, a multi-stage DDoS bot that u...
PT-2025-42217
VestaCP commit a3f0fa1 2018-05-31 up to commit ee03eff 2018-06-13 contain embedded malicious code that resulted in a supply-chain compromise. New installations created from the compromised installer since at least May 2018 were subject to installation of Linux/ChachaDDoS, a multi-stage DDoS bot...
Amazon Linux 2 : redis, --advisory ALAS2REDIS6-2025-015 (ALASREDIS6-2025-015)
The version of redis installed on the remote host is prior to 6.2.20-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2REDIS6-2025-015 advisory. Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated use...
Amazon Linux 2023 : redis6, redis6-devel (ALAS2023-2025-1222)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1222 advisory. Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to cause an integer overflow and...
Amazon Linux 2023 : valkey, valkey-devel (ALAS2023-2025-1221)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1221 advisory. Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to cause an integer overflow and...
Exploit for Use After Free in Redis
🚨 CVE-2025-49844 RediShell - Complete Guide ⚠️ Just for...
Important: redis
Issue Overview: Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution The problem exists in all versions of Redis with...
Important: valkey
Issue Overview: Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution The problem exists in all versions of Redis with...
Important: redis6
Issue Overview: Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution The problem exists in all versions of Redis with...
[SECURITY] Fedora 41 Update: valkey-8.0.6-1.fc41
Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...
[SECURITY] Fedora 42 Update: valkey-8.0.6-1.fc42
Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...
PT-2025-41846
Name of the Vulnerable Software and Affected Versions YouDataSum CPAS Audit Management System versions prior to 4.9 Description The YouDataSum CPAS Audit Management System is susceptible to SQL Injection due to inadequate input validation. This allows remote, unauthenticated attackers to execute...
Fedora 41 : valkey (2025-00e79c49ca)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-00e79c49ca advisory. Valkey 8.0.6 - Released Fri 03 October 2025 Upgrade urgency SECURITY: This release includes security fixes we recommend you apply as soon as possibl...
Fedora 42 : valkey (2025-3055a5b407)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-3055a5b407 advisory. Valkey 8.0.6 - Released Fri 03 October 2025 Upgrade urgency SECURITY: This release includes security fixes we recommend you apply as soon as possibl...
OESA-2025-2390 redis security update
Redis is an advanced key-value store. It is often referred to as a dattructure server since keys can contain strings, hashes ,lists, sets anorted sets. Security Fixes: Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a...
OESA-2025-2389 redis security update
Redis is an advanced key-value store. It is often referred to as a dattructure server since keys can contain strings, hashes ,lists, sets anorted sets. Security Fixes: Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a...
Redis is vulnerable to DoS via specially crafted LUA scripts
...